10.6.1 Server - cannot prevent authenticated users from creating a blog
I have a brand new Snow Leopard (10.6.1) 2.26 Ghz quad core Xserve with 12Gb RAM that will be used for web collaboration services. I've currently set up Wiki and Blog services with a group membership to allow creating wikis/blogs. The reason for this is for staff development purposes with the plan to add people into the group as they are trained. The process to set it all up was very simple, however, I'm having an issue preventing authenticated users from creating a personal blog. Although I can prevent the creation of wiki's to members of a group easily, any authenticated user on the server can log into "My Page" and will be able to create a blog. I've gone to server admin>choose the server>choose the "access" icon and set the column "for selected services below" (blog) to "allow only users and groups below" (the group) and it still doesn't prevent them from making a blog page. In WGM for the group on the "Basic" tab, the "enable the following services for this group" has only the choice of "none" and therefore since the site isn't showing as a choice, the Wiki, Blog, Calendar and Mailing List is grayed out. I've seen another thread that states in 10.6 that option for setting the service acl in the group settings of WGM is unavailable. Does anyone know a fix for my problem of security access for a "My Page" blog or is it a possible bug in Snow Leopard? Right now my only workaround is to remove the users access and enable it as they are trained. This isn't an ideal fix, however, because we have some users who want to limit their wiki or blog to authenticated users only, not public access. Any help will be greatly appreciated.
Thanks for the suggestion, but that would prevent all users from creating personal blogs. I was hoping to be able to have a group of users that can create a personal blog outside of the blog attached to a wiki.
Similar Messages
-
Cannot prevent authenticated users from creating a blog on "My Page"
I have a brand new Snow Leopard (10.6.1) 2.26 Ghz quad core Xserve with 12Gb RAM that will be used for web collaboration services. I've currently set up Wiki and Blog services with a group membership to allow creating wikis/blogs. The reason for this is for staff development purposes with the plan to add people into the group as they are trained. The process to set it all up was very simple, however, I'm having an issue preventing authenticated users from creating a personal blog. Although I can prevent the creation of wiki's to members of a group easily, any authenticated user on the server can log into "My Page" and will be able to create a blog. I've gone to server admin>choose the server>choose the "access" icon and set the column "for selected services below" (blog) to "allow only users and groups below" (the group) and it still doesn't prevent them from making a blog page. In WGM for the group on the "Basic" tab, the "enable the following services for this group" has only the choice of "none" and therefore since the site isn't showing as a choice, the Wiki, Blog, Calendar and Mailing List is grayed out. I've seen another thread that states in 10.6 that option for setting the service acl in the group settings of WGM is unavailable. Does anyone know a fix for my problem of security access for a "My Page" blog or is it a possible bug in Snow Leopard? Right now my only workaround is to remove the users access and enable it as they are trained. This isn't an ideal fix, however, because we have some users who want to limit their wiki or blog to authenticated users only, not public access. Any help will be greatly appreciated.
Message was edited by: dstrollo.ilRan into this same issue.... Talked with a field engineer who confirmed the behavior. The question now is this a defect or "feature that does not work as as the audience desires". As I far can tell, the security setting for blogs in server admin does nothing at all. This has the potential to cause a few issues as you cannot limit who can have a blog.
Message was edited by: jlindler -
Is it possible to prevent a user from creating and approving a JV
Hi,
Is it possible to prevent a user from creating and approving a JV. We have a rule that one user cannot do both. What happens is user#1 creates the JV, then some other user#9 approves the JV. Both user#1 and user#9 need to be able to create a JV and approve someone else's JV.
The transactions in question are...
F-02 General Posting - enter Journal Voucher (create & post)
F-65 Enter General Document - Parking (create)
FBV0 Post or Delete a Parked Document (approval)
Please let me know the details.
Thanks in advance,
regrads,
ChaksHi,
Requisition is submitted.....it means Requisition is saved or it means Requisition is Released..?
Regards,
manish -
How to prevent public users from creating and saving Word Documents
I have two public computers available for the public to view legal case documents. The program used uses the Word shell to save, view and print documents within the program. The clerk has stated that she does not want attorneys or others to
be able to create and save word documents on these computers. Is there a way to prevent a user on the public computers from opening word, creating a document and saving it?Instead of installing Word on the public computer (or at least instead of making it available on the public account), you could install the free Word Viewer:
https://www.microsoft.com/en-us/download/details.aspx?id=4 and make that available for the public account. Alternatively, if you want to ensure the document retains its originally
formatting regardless of what printer may or may not be attached to the public computer, you could keep only PDF copies of the file where the public can access them and install the free Adobe Acrobat Reader for viewing:
https://get.adobe.com/reader/.
Cheers
Paul Edstein
[MS MVP - Word] -
Obiee11g upgrade: Preventing authenticated-user from accessing obiee system
HI Gurus,
We have a problem regarding security and request your inputs. Please see the issue below:
Current Situation:
We have successfully integrated OBIEE11g with our enterprise MS Active DIrectory. With the current set up, any user in the company will be successfully authenticated by MSAD and he/she is able to login to obiee and reach the new bieehome page. I want to prevent this.
Expected:
Only users who belong to certain AD Groups should be able to acess obiee
How do I prevent this? In our MSAD we have AD groups built to identify OBIEE users. These ad Groups are pre-fixed with OBIEE_ (Ex: OBIEE_Marketing etc). Only the users belong to these groups should be allowed to login.
In 10g, we made use of privileges to explicitly grant access to obiee. We made use of privileges like 'Access to Dashboard' etc. As a result, even if a user is successfully authenticated by LDAP MSAD , he wont be able to reach obiee dashboards if he is not a member of designated GROUP. In 11g, since there is a new page called 'BIEE HOME', non-authorized users are able to reach this page.
Any help would be highly appreciated
--JoeI have created an SR with Oracle and as per the responses I got, it looks like this is an issue as there is no way to restrict access to bieehome page.
Anyone has any workarounds? This is really holding up our 11g release
--Joe -
How do i prevent the user from entering a RETURN/ENTER key into their username?
Hello,
i am currently trying to make a login system where the
username will obviously enter their username.
I have made my user input box editable and set up variables
to accept the user input and store them into variables, along with
error prevention for blank fields.
However i cannot prevent the user from hitting the
"enter"/"return" key. When i hit "enter" the user input box box
gets larger as the type curser moves onto the next line and when
the username is stored in a variable it is stored as "theuser
RETURN" so when variable is passed to the next frame and is
recalled by another text box to display the username, the user name
has a carriage return.
I want to prevent this, anyone got any suggestions? or know
of any websites i can visit which will explain this to me nicely??
Thank yousuggestion:
don't make the edit field editable right from the start.
rather attach a behaviour to the field/text-sprite like:
property mySprite, myMember
on beginsprite me
Sprite = me.spritenum
-- this is the channel-number of the editbox
myMember = mySprite.member.number
-- this is the field/text-member
member(myMember).editable = FALSE
end beginsprite
on mouseup me
-- when i get clicked for editing, then set me editable
member(mymember).editable = TRUE
the keydownscript = "MyKeyhandler"
-- this sets the keyhandler to YOUR keyhandler, see below
end mouseup
You would then need to have YOUR keyhandler in any mociesript
and there you
would block any unwished key, while editing
on MyKeyhandler
case the key of
RETURN:
stopevent;
otherwise
pass;
end case
end MyKeyhandler
in the end you would attach a behaviour to any
"Submit"-button (this is the
one that "gets" the userinput" and performs further action
according to your
wishes and decisions)
on mouseup
the keydownscript = EMPTY
-- this resets to normal
user-ID = member("Whatever the number or name of your
editfield
is").text
member("Whatever the number or name of your editfield
is").editable
= FALSE
-- any further actions to make in your project
-- to get along with the entered User-ID
end mouseup
something like this, I guess
Peter -
VPN connection on Mac gives "PPP Server cannot be authenticated"
Hello all
I am trying to connect my mac mini to my company's VPN. On my mac mini I tried the following to connect to VPN.
- System Preferences -> Network
- Created a new network, interface: VPN, VPN type: L2TP over IPSec, service name: Office VPN
- Configuration: default, Server Address: 222.222.22.222, Account Name: user1
Authentication Settings -> User Authentication Password: (password), Machine Authentication Shared Secret: (secret)
This does connect the mac to the vpn but after an interval of 6-10 minutes I always get a "PPP server cannot be authenticated" error. I can't seem to understand what is going wrong over here. The same problem is with every mac trying to connect to this vpn. Windows PC users did not report a problem of such sort.
I checked the system logs as well. Here's what happened until the connection was disconnected.
Thu Apr 14 14:43:02 2011 : L2TP connecting to server '222.222.22.222' (222.222.22.222)...
Thu Apr 14 14:43:02 2011 : IPSec connection started
Thu Apr 14 14:43:04 2011 : IPSec connection established
Thu Apr 14 14:43:04 2011 : L2TP connection established.
Thu Apr 14 14:43:04 2011 : Using interface ppp0
Thu Apr 14 14:43:04 2011 : Connect: ppp0 <--> socket[34:18]
Thu Apr 14 14:43:04 2011 : CHAP authentication succeeded
Thu Apr 14 14:43:07 2011 : local IP address 192.168.69.100
Thu Apr 14 14:43:07 2011 : remote IP address 192.168.1.254
Thu Apr 14 14:43:07 2011 : primary DNS address 192.168.1.84
Thu Apr 14 14:43:07 2011 : secondary DNS address 192.168.1.85
Thu Apr 14 14:43:07 2011 : l2tpwaitinput: Address added. previous interface setting (name: en1, address: 192.168.4.14), current interface setting (name: ppp0, family: PPP, address: 192.168.69.100, subnet: 255.255.255.0, destination: 192.168.1.254).
Thu Apr 14 14:43:37 2011 : l2tpwaitinput: Other Address event (8). previous interface setting (name: en1, address: 192.168.4.14), other interface setting (name: 99, family: 8716788, address: 4.0.69.100, subnet: 0.0.0.1, destination: 128.192.31.0).
**Thu Apr 14 14:43:34 2011 : IPV6CP: timeout sending Config-Requests**
Thu Apr 14 14:55:07 2011 : Connection terminated.
Thu Apr 14 14:55:07 2011 : Connect time 12.1 minutes.
Thu Apr 14 14:55:07 2011 : Sent 20233 bytes, received 48346 bytes.
Thu Apr 14 14:55:07 2011 : L2TP disconnecting...
Thu Apr 14 14:55:07 2011 : L2TP disconnected
Can somebody help me out over here? What could be going wrong over here?I'm looking for much the same answer, so can't help with the big picture. However, the Firewall options are not in System Preferences, but in the Server Admin in the Dock. Click on it, click on the triangle next to your server's name, then go down to FIrewall.
-
Cannot lock the page to prevent other users from editing it.
Please try again later.
I get t his error when I try to edit ASP pages on my web
server, I have all admin rights, anyone know a fix for this?App Store support. There is troubleshooting and a contact link.
Support -
Reporting Services through ISA server for All Authenticated Users
Hello colleagues.
I have MS SQL 2012 server with Reporting Services and it work via link:
https://reports2.domain.com/reports
In LAN all work fine, but I want publish this resource via ISA for All Authenticated Users.
When in publish rule I configure (in Condition) "All users" - all work fine, but when I configure "All Authenticated Users" - I have trouble on web form on
https://reports2.domain.com/reports/Pages/Report.aspx?ItemPat... - scripts not work, because it run how "anonymous" (I see on ISA logging) and ISA block scripts.
I can't use "All Users", because it's not secure.
Maybe somebody publish Reporting Services through ISA server for All Authenticated Users?
OR maybe - how on Reporting Services configure Negotiate authenticated for scripts?Hi Alexander,
All users or applications who request access to report server content or operations must be authenticated using the authentication type configured on the report server before access is allowed. The AuthenticationType named RSWindowsNegotiate is supported
by Reporting Services. To configure Windows Authentication on the Report Server, please see:
http://msdn.microsoft.com/en-us/library/cc281253(v=sql.110).aspx
Besides, we can publish report server via ISA server. Please note that you should use a new web port number with a new listener which shouldn’t be used by other web site for report server. Reference:
http://social.technet.microsoft.com/Forums/forefront/en-US/1cc68996-1ce6-4d88-a30d-2bfd13fba06e/how-to-publish-ssrs-2008-through-isa-2006?forum=Forefrontedgegeneral
Hope this helps.
Thanks,
Katherine Xiong
Katherine Xiong
TechNet Community Support
Katherine thanks for answer.
Report Server service started as Domain account.
I have in RSReportServer.config this:
<Authentication>
<AuthenticationTypes>
<RSWindowsNegotiate />
</AuthenticationTypes>
<RSWindowsExtendedProtectionLevel>Allow</RSWindowsExtendedProtectionLevel>
<RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
<EnableAuthPersistence>true</EnableAuthPersistence>
</Authentication>
In web.config I have this:
<authentication mode="Windows" />
<identity impersonate="true" />
I can go (from Internet through ISA) to
https://reports2.domain.com/reports and LogOn Authentication is work, but scripts not work, because it run how "anonymous" (I see this on ISA logging) and ISA block scripts.
Do you know where in Reporting Services configure run scripts with Negotiate authentication? -
How to prevent end user to create a Query View and save back to BW Server?
Dear All :
Do Someone know that how to setup authorization for Bex Query View Creation? We want to prevent end user to create a Query View to save back to BW Server his favorite folder. when our user run Bex Query, he can base on this query and use Bex Analyzer's save function to save a Query View and save into his favorite folder.
My question is :
1. Can we set up a Authorization to prevent end user to save Bex Query View?
2. Or can I remove Save function from Bex Analyzer to prevent end user use save function, But Developer should not to be prevent .
Thanks for all of your kindly response.
Best Regard
Lawrence KuoHi.
Yes, you can do it like you outline in your point 1):
You need to use the authorization object S_RS_COMP for this. This object let's you control what parts/components of a query the user can do stuff to. So, in your case, you need to have a role for the users, where you do not grant create-access to the component QVW, and then you need another role for developers, where you grant full access or whatever you need for your developers.
See [this post|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a6c54319-0e01-0010-20a4-fb81ad32f330?QuickLink=events&overridelayout=true&5003637661135] and the [SAP Help entry|http://help.sap.com/saphelp_nw70/helpdata/en/80/1a6859e07211d2acb80000e829fbfe/content.htm].
You will also need to use the authorization object S_RS_COMP1. If you already have a productive system with users doing reporting, both objects will be maintained in one of the roles already.
You also want to consider using the object S_RS_PARAM to allow users to create variants for the variabel screen.
Good luck.
Jacob -
How to prevent user from creating jobs
Hi,
we need to prevent user from creating jobs on a dev enviorement. It's a 10.2.0.4 database standard on linux 64bits.
Their schema has only connect and resource roles. Is there a way to prevent them from creating jobs? In 11g it's the CREATE JOB permission, but in 10g i'm not sure how can i do this.
Thanks for any ideas!On 10g it's probably the CREATE JOB as well.
http://www.oracle.com/pls/db102/homepage
Alternatively you could:
alter system set job_queue_processes=0
http://download.oracle.com/docs/cd/B19306_01/server.102/b14237/initparams089.htm#REFRN10077 -
Hi All, We are in to Release 11.5.10.2.There is a specific requirement to Prevent users from creating Manual Sales Orders in Oracle and yet users should be able to book the Sales Orders Imported from CRM system into Orcale.Please advise.
Thanks for your advise.
However, I missed to mention that we have two set of users One is for Finished Goods and another for Spares.
Only Spares users need to be prevented from creating Direct/Manual Sales Orders in Oracle.
As you suggested, if this will be done at Form level, that may Disallow FG users also to create Manula Sales Orders which should not be the case.
Further, I tried to test one scenario through Processing Constraints but it did not work.
Application
OM
Validation Type
Entity
Temp
Short Name
TBL
Validation Semantics
Created By
Equal To
User(Myself)
Processing Cosntraint
Application
OM
Entity
Order Header
Constraint
Operation
User Action
Create
Not Allowed
Conditions
Group
Scope
Validation Entity
Record Set
Validation Template
101
Any
Order Header
Order
Above Created
Please advise. -
How to prevent multiple users from updating the same data in coherence
Hi,
I have a Java Web Application and for data cache am using coherence 3.5. The same data maybe shared by multiple users which maybe in hundreds. Now how do I prevent multiple users from updating the same data in coherence i.e. is there something in coherence that will only allow one user a time to update. If one user is in a process of updating a data in coherence and some other user also tries to update then the second user should get an error.
ThanksI have a question on the same line. How can I restrict someone from updating a cache value when I a process is already working on it. I tried locking the cache key but it does not stop other process to update it , it only does not allow other process to get lock on it.
-
Prevent multiple users from editing/approving the same form SPD 2013,SP 2013
Hello all, I have a workflow with a to do task, the task is assigned to a group so any of the users in that group can go in and do a quality check on form data and approve it. How do I prevent multiple users from working on the
same form? do I just require check out? or is there a way to notify the rest of the group that a user has already started the quality check.The "Require Checkout" option is your best bet. You can also enable the auto checkout on edit option to allow minimal effort on the side of the user. Other users will then get the error message stating the item is checked out, if they try to
edit it.
If you'd like, you could add a workflow to the task list that triggers when something is changed. That workflow can check if the item is checked out and if so, email the other users assigned to the task.
I trust that answers your question...
Thanks
C
|
RSS |
http://crayveon.com/blog |
SharePoint Scripts | Twitter |
Google+ | LinkedIn |
Facebook | Quix Utilities for SharePoint -
Prevent multiple users from updating coherence cache data at the same time
Hi,
I have a web application which have a huge amount of data instead of storing the data in Http Session are storing it in coherence. Now multiple groups of users can use or update the same data in coherence. There are 100's of groups with several thousand users in each group. How do I prevent multiple users from updating the cache data. Here is the scenario. User logs-in checks in coherence if the data there and gets it from coherence and displays it on the ui if not get it from backend i.e. mainframe systems and store it in coherence before displaying it on the screen. Now some other user at the same time can also perform the same function and if don't find the data in coherence can get it from backend and start saving it in coherence while the other user is also in the process of saving or updating. How do I prevent this in coherence. As have to use the same key when storing in coherence because the same data is shared across users and don't want to keep multiple copies of the same data. Is there something coherence provides out-of-the-box or what is best approach to handle this scenario.
ThanksHi,
actually I believe, that if we are speaking about multiple users each with its own HttpSession, in case of two users accessing the same session attribute in their own session, the actually used cache keys will not be the same.
On the other hand, this is probably not what you would really like, you would possibly like to share that data among sessions.
You should probably consider using either read-through caching with the CacheLoader implementor doing the expensive data retrieval (if the data to be cached can be obtained outside of an HTTP container), or side caching with using Coherence locks or entry-processors for concurrency control on the data retrieval operations for the same key (take care of retries in this case).
Best regards,
Robert
Maybe you are looking for
-
Date syntax for MySql query in SQL Reporting Services
I am currently trying to link a mysql Stored Procedure to a Microsoft SQL Reporting Server. It is coming up with a Syntax error. I believe this is down to the Date_from and Date_to Parameters. The query is below any help would be appreciated DELIMIT
-
Imovie text and picture problem
I have this movie clip and on that clip I made the text effect focus, so the movie clips gets unclear. (all that its working fine) BUT.. then I would also like to have a picture next to the text, but now this picture get also unclear, but I want it c
-
Captions are not shown in HTML
Dear experts, In the web design captions are shown. However when I publish my designed pages to a map some of the captions do not show up when I open the HTML. Thanks in advance for your help, Andre
-
HP 4510S laptop. has dual core processor but is only running one half of it.
This system is running on Win 7 32bit. If I upgraded to W7-64 bit would the system then use both halves of the processor?
-
Unable to execute find command
I am trying to execute a command as below: find . -name '*' -mtime +20 -printf "%f %t\n\r" | sort; The error after this is as below: find: bad option -printf find: path-list predicate-list I am also trying to execute the same as above in the followin